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METHOD AND SYSTEM FOR RECEIVING AND PROVIDING 
ACCESS TO INFORMATION AT A WEB SITE 



Cross-Reference to Related Applications 

This application claims priority to and is a continuation of co-owned co-pending United 
States Patent Application Serial No. 09/488,936, filed January 21, 2000, by Amy Van 
10 Wyngarden, entitled METHOD AND SYSTEM FOR RECEIVING AND PROVIDING 
ACCESS TO INFORMATION AT A WEB SITE, which is a continuation of co-owned U.S. 
Patent No. 6,038,597, issued on March 14, 2000, entitled METHOD AND APPARATUS FOR 
PROVIDING AND ACCESSING DATA AT AN INTERNET SITE, which are incorporated 
herein by reference in their entirety. 

15 

Background 

The disclosures herein relate generally to information systems and more particularly to a 
method and system for receiving and providing access to information at a web site. 

Various systems have been developed whereby data and information can be accessed by 
20 a remote provider and a remote user. In one such system, a remote access server provides a 
remote user with access to a local computer network. The server receives a user identification 
string from its communication port, the string having been entered by the remote user at a remote 



• 1- 



PATENT 

Docket No.: DC-01374B 
Customer No. 000027683 

computer which is coupled to the communication port. The string identifies the remote user. 
The server uses the string to access a database and determine an Internet protocol (IP) address 
associated with the string. The remote computer needs the IP address to communicate on the 
local computer network. The database includes a user identification string for each remote user 

5 and an IP address for each string. The remote access server sends the IP address to the remote 
computer via the communication port. The server then allows the remote computer to access the 
local computer network and to communicate on the local computer network using the IP address. 

Another system is a multitask multiuser system which provides for efficient transfer of 
data from a remote data base to individual subscribers and has particular utility in the distribution 

10 of stock market data. A primary provider distributes the incoming data directly to user tasks or 
to an inquiry provider or a monitor provider. The inquiry provider responds to specific inquiries 
by users for information in the data base. The monitor provider maintains lists of information 
which are being monitored by the host computer for individual users. The inquiry provider and 
the monitor provider do not repeat requests to the remote data base where a similar request is 

1 5 already pending from another user. Data transfer paths between tasks are established by a code 
module which may be linked to any of the tasks. The transfer paths are established using 
information from a configuration list and they are monitored by the operating system through a 
wait list established for each user task. Providers in the system may establish subscriber lists 
through the code module. 

20 In another application, an authorization mechanism provides authorization information 

for a client requesting access to a server resource in a server, having a directory server for storing 
client information required by the server in executing an operation call, including client access 
rights, and generating a request for an authorization ticket to the server. The request for an 
authorization ticket includes an identification of the client and an identification of the client 

25 information required by the server and is in association with an operation call. The authorization 
mechanism generates an authorization ticket including the identified information encrypted with 
an encryption key derived from the password of the server. The authorization ticket is sent to the 
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server and the server decrypts the authorization ticket with the server password and obtains the 
client information directly including the client access rights. Client information is stored in 
directory server fields identified by generic field tags. The authorization ticket request identifies 
client information by tag names identifying the fields, the requested information is stored in the 
5 authorization ticket in fields identified by the tag names, and the server mechanism then reads 
the client information. 

A further application includes a first data processing device (node I) coupled to a first 
private network and to a firewall server (FWA). Firewall server FWA is in turn coupled to a 
public network, such as the Internet. A second data processing device (node J) is coupled to a 

10 second private network which is coupled to the Internet through a firewall server (FWB). Node I 
provides a data packet including IP data and a destination address for the intended receiving 
node J to firewall FWA. Firewall FWA is provided with a secret value and a public value. The 
firewall FWA obtains a Diffie-Hellman (DH) certificate for firewall FWB and determines the 
public value from the DH certificate. A transient key is randomly generated and is used to 

15 encrypt the data packet to be transmitted by firewall FWA to firewall FWB. The encrypted data 
packet is then encapsulated in a transmission packet by the firewall FWA. The transmission 
packet includes an unencrypted destination address for the firewall FWB. Firewall FWA then 
sends the transmission packet to firewall FWB over the Internet. Upon receipt of the 
transmission packet from firewall FWA, firewall FWB obtains a DH certificate for firewall FWA 

20 and determines the public value from the DH certificate. Firewall FWB decrypts the encrypted 
data packet received from FWA, thereby resulting in the recovery of the original data sent by 
node I in unencrypted form to the firewall FWA. The firewall FWB then transmits the decrypted 
data packet to the receiving node J over the second private network. 

Purchasing is a major component of the operation of a business. It involves establishing 

25 authorized vendor sources, seeking first time or unusual vendor sources and maintaining vendor 
relationships. Typically, as strong relationships build and as quantity buying develops, 
purchasing power can increase and purchasing costs can decrease. A major part of repetitive 
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purchasing is based on purchasing history, i.e. what has been purchased in the past, what options 

are desired, and what options are available. 

An important aspect of repetitive purchasing is the accessibility of purchasing history. A 

purchaser can maintain records as well as a vendor but this will most likely only reveal what has 
5 been purchased in the past. A customer may need to know about available options for 

anticipated purchases and a vendor may have modified or new products which are of interest to 

the customer. This can be accomplished by repeated direct contact between purchasing 

department personnel and vendor sales and accounting or other personnel. Such contact may be 

accomplished by numerous telephone calls to several sources at the vendor's site. 
10 Information gathered by the purchaser from the vendor then needs to be communicated 

by purchasing personnel to the person(s) within the organization who requested the information. 

Additional phone calls and/or meetings may be required before a decision can be made for a 

definitive purchase. The purchasing agent must then negotiate the best price based on many 

factors including the nature of the item and the quantity desired. 
15 Accordingly, a need has arisen for a method and system for receiving and providing 

access to information at a web site, in which various shortcomings of previous techniques are 

overcome. 

Summary 

20 According to one embodiment, at a vendor-managed web site, purchasing information is 

received from a first terminal, including purchasing information that is customized for a 
customer. The customer includes first and second users having respective first and second levels 
of authorized access to the purchasing information. The first user is identified by a first 
identifier, and the second user is identified by a second identifier. To a second terminal, access 

25 at the vendor-managed web site is provided to: only a first portion of the purchasing information 
in response to receiving the first identifier from the second terminal which identifies the first 
user; and at least a second portion of the purchasing information in response to receiving the 
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second identifier from the second terminal which identifies the second user. The second portion 
includes at least a part of the first portion and a third portion of the purchasing information. The 
part of the first portion includes at least a portion of the customized purchasing information. 
A principal advantage of this embodiment is that various shortcomings of previous 
5 techniques are overcome. 



Brief Description of the Drawing 

Fig. 1 is a diagrammatic view illustrating an embodiment of a network. 
Fig. 2 is a diagrammatic view illustrating an embodiment of a web site. 
10 Fig. 3 is a diagrammatic view illustrating an embodiment of a team area of the web page. 

Fig. 4 is a diagrammatic view illustrating an embodiment of a store area of the web page. 
Fig. 5 is diagrammatic view illustrating an embodiment of a service area of the web page. 
Fig. 6 is a diagrammatic view illustrating an embodiment of a secure area of the web 

page. 

15 Fig. 7 is a diagrammatic view illustrating an embodiment of a multi-access area of the 

web page. 



Detailed Description 

A network 10, Fig. 1 includes a web site 12 having a web page or several pages coupled 
20 to a first user point 14 and a second user point 16. The first user point 14 as used in this context 
is any terminal on a private network used by a site provider to input managed information to the 
web site 12. The second user point 16 as used in this context is any terminal used by a site user 
via the Internet to access all or part of the managed information at the web site 12. 
The site provider at first user point 14, writes to a series of Internet tools, 
25 diagrammatically illustrated at 15, and publishes to an internal copy 17 of the web site 12 for 

pre-production purposes. Ultimately, the site provider publishes to the web site 12. The site user 
at second user point 16 has access to web site 12 and can also communicate directly via a link 19 
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with the site provider at first user point 14 via, for example, e-mail for the purpose of submitting 
orders for goods offered for sale at the web site 12. Additionally, the site provider directly 
accesses the web site 12 for maintenance purposes, e.g. to access the web site 12 to monitor 
traffic to the site and the quality of the site. 
5 Web site 12 includes a web page or pages 18, Fig. 2 including customized information to 

provide customers at second user point 16 with an easier way of doing business with a site 
provider at first user point 14. Web page 18 resides on the web site 12 behind an unlisted 
universal resource locator (URL). Users at second user point 16 are provided with user ID's and 
user passwords for accessing the web page 18. 

10 Web page 18 features a user logo area 20 and a menu bar selection including a provider 

team area 22, a store area 24, a service and support area 26, a secure area 28, a site information 
area 30, a browse area 32, a multi-access area 34 and a non-disclosure agreement (NDA) area 36. 
The web page 18 information listed above in the various areas are maintained current by the site 
provider by multiple daily updates. 

15 User logo area 20 includes, with the user's permission, a graphical representation of the 

logo of the user organization. If the user does not have a logo or does not wish for the logo to be 
used, the user organizations name may be used in text format. 

Team area 22, Fig. 3 includes name, address, phone and fax numbers, e-mail links and 
title of provider team members and a support category into which each team member is 

20 classified, e.g. sales, customer service, etc. Data listed in the team area can be changed with add- 
ons and updates in order to be maintained current. Other information can be provided if desired. 

Store area 24, Fig. 4 provides links to user standard system configurations 24a including 
pricing information and the ability to submit online orders; links to a discount store 24b for 
additional product information; and links to multiple order status 24c which permits the user to 

25 view status and shipping details of open orders. It is also possible to receive shipment e-mail 

notification automatically, if desired so that the user is prompted when an order is shipped. Store 
information may include a system category, title, a quote member, a price and a list of options. 
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The store information may be modified by the site provider such as by adding a system category, 
changing a standard configuration, or changing other data included in the store information. 

The service and support information area 26, Fig. 5 features system service tags (SST) 
26a which utilizes a five (5) digit system identifier located on a sticker with a bar code on each 
5 product. The SST can be entered and information specific to the user's system will be provided. 
When the SST is entered, an express service code (ESC) 26b which is a unique numeric code, is 
generated for a user when the user enters the SST at the web site. This will avoid call transfers 
and menu options so that the user is routed directly to a specialist at the provider site who will 
provide time help with the user system. A file library 26c functions as a repository of 

10 downloads, BIOS updates drivers and utilities for the user system. This allows the user to keep 
their system up-to-date at their convenience. These files may be grouped by system, file type, 
name and date posted. An order status function 26d provides current status of individual or 
multiple orders. Provider staff members can retrieve order, production and ship dates directly 
from an internal order management system in real time. 

15 The secure area 28, Fig. 6 includes an account team roster 28a and purchasing reports 

28b. The account team roster includes pager links and allows direct user contact with account 
team provider members. There are four (4) different purchasing reports which are provided and 
regularly updated. Each report is viewable online or available for download in several formats. 
An order status and delivery report 28c shows the user detailed information on all orders from 

20 pending production status to invoiced status. An order detail by enterprise 28d report shows the 
detailed information on the units shipped and amount spent by product category for orders 
invoiced during a month. A summary by enterprise report 28e shows total units and spending by 
product category for the order invoiced during a month. Finally, a summary by location report 
28f shows total units and spending by product category for each location in the user organization 

25 and includes only orders invoiced during a month. 
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The information area 30 includes links to the web site home and tips on how to use the 
web site as well as a feedback form to permit the user to submit ideas to the provider concerning 
how to improve the web site. 

The browse area 32 provides easy access to the provider home page as well as to select 

5 links on the web site which may be of interest to the user. 

The multi-access area 34, Fig. 7 has at least two (2) levels of access, each of which is 
associated with the user ID and password mentioned above. One access area is referred to as a 
general access user ID and password area 34a and allows users to see everything at the web site 
except for the secure area 28. The other access area is referred to as a managed access user ID 

10 and password area 34b and allows users to see everything at the site including the secure area 28. 
The managed area may, if desired, be subdivided into multi-level access areas so that a first level 
managed access user ID and password allows users to see everything at the web site including a 
first portion 34c of the secure area 28 and a second level managed access user ID and password 
allows users to see everything at the web site including the first and a second portion 34c, 34d, 

15 respectively, of the secure area 28. Provider team members contact appropriate personnel at the 
user organization and provide the URL and multi-level ID 's and passwords as required for user 
access to the web site 12. An intranet manager at the user organization can add a link from the 
second user point 16 to the web site 12 and post the general user ID and password next to the 
link for web site 12. This will permit anyone at the second user point 16 to access the web site 

20 12 instead of having to recall a URL, user ID and password. The user organization will be 

responsible for designating appropriate people at the user organization to have the managed user 
ID and password usually reserved for a select group of users which may be defined by job 
description, rank, title, etc. 

The online NDA 36 is provided each time a user visits web site 12 for the first time. 

25 After entering the URL for the organization web page 1 8, the user will be prompted to view and 
accept the online NDA 36. Once the NDA 36 is accepted, the user's hard drive at the terminal 
being used will function so as not to prompt that particular user with the NDA 36 again. 
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However, each time a user accesses the organization web page 18 from a different terminal at 
second user point 16 for the first time, the user will be prompted to accept the NDA 36, and upon 
accepting, the terminal being used will function so as not to prompt that particular user with the 
NDA 36 again. 

5 As it can be seen, the principal advantages of this embodiment are that the web site 

provides information which is continuously updated by the provider and makes business 
purchases easier to initiate, manage and control for both the organization user/buyer and the 
provider/seller and reduces purchasing and maintenance costs for both user and provider. In 
addition, direct relationships between user and provider are enhanced and supported from pre- 

10 sales to post-sales. The provider is able to off-load tasks such as order quoting and order status 
from the sales staff so that they can spend more time selling product. The user is encouraged to 
do more transactions and information gathering online which is more efficient. A competitive 
advantage to the provider is that the user can conduct business with the provider in an easier, 
more cost efficient manner. User satisfaction and loyalty is enhanced and new users are attracted 

15 to this mode of purchasing from the provider. 

Although illustrative embodiments have been shown and described, a wide range of 
modification, change and substitution is contemplated in the foregoing disclosure and in some 
instances, some features of the embodiments may be employed without a corresponding use of 
other features. Accordingly, it is appropriate that the appended claims be construed broadly and 

20 in a manner consistent with the scope of the embodiments disclosed herein. 
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